0

Possible Duplicate:
Where to store database login credentials for a PHP application

I want to store some passwords (e.g. for the database connections) in a php file. But only one class should be able to access these data for security reasons.

So I thought, I write these passwords in a method of a generated php class. Then I will check the debug_backtrace to check if access is allowed or denied.

Now I want to set the permissions to execute only so that files can't read the content of the file where the php class is stored. The only problem is, that include doesn't work, because php self needs the rights to read.

Do you have any ideas how to handle this?

Community
  • 1
  • 1
Stefan Wienströer
  • 44
  • 9
  • Why don't you store them in your database? – Lotzki Dec 07 '12 at 17:55
  • 3
    @Lotzki he specifies that he wants to store the database passwords. – thatidiotguy Dec 07 '12 at 17:56
  • 3
    Why do you need to restrict access? Do you have other people sharing your server or something? Storing passwords in a php file is not insecure, as long as your server is properly protected. – thatidiotguy Dec 07 '12 at 17:57
  • @thatidiotguy You are correct, misunderstood the question. In that case, of course you can as long as only authorized people have access to your server. – Lotzki Dec 07 '12 at 17:59
  • 2
    Possible duplicates http://stackoverflow.com/questions/5882882/where-to-store-database-login-credentials-for-a-php-application http://stackoverflow.com/questions/558360/where-to-store-database-credentials-in-a-web-app http://stackoverflow.com/questions/824055/how-to-securely-store-database-connection-details and many others – Mike Dec 07 '12 at 18:11
  • This is a classic problem. If you are using SQL Server, use Windows Authentication instead of SQL Authentication. – brian beuning Dec 09 '12 at 19:35

0 Answers0